$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/98bbbcef-0217-4c51-a717-7af30c63be28.roa File: 98bbbcef-0217-4c51-a717-7af30c63be28.roa (raw, json) Hash identifier: yXdIcPdL3yEYZkTBeK2qXMl29+Icc8ba2QmRm5jvTUY= Subject key identifier: 24:41:0F:16:BC:FA:71:21:ED:ED:66:D9:36:AC:17:CC:33:FE:9E:7B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 25A64CAF0278E2B7A21D9B76F74BF774935F9660 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/98bbbcef-0217-4c51-a717-7af30c63be28.roa Signing time: Tue 06 May 2025 00:00:15 +0000 ROA not before: Tue 06 May 2025 00:00:15 +0000 ROA not after: Tue 10 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 10 May 2025 00:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:a6:4c:af:02:78:e2:b7:a2:1d:9b:76:f7:4b:f7:74:93:5f:96:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 6 00:00:15 2025 GMT Not After : Jun 10 23:59:59 2025 GMT Subject: serialNumber=8be94eacba37a4acd5f06d3d60d4a72645fa18f2611e7514ce41b8ce1afcf67b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:fd:56:40:a7:13:75:61:d8:d9:7f:3d:c7:3a: 0e:d1:75:e4:52:29:38:2d:2e:4d:ed:5d:53:e9:cf: 61:da:fe:5a:2e:db:e1:f0:9f:1e:57:be:d9:22:53: ad:06:86:73:43:c1:d4:cb:55:19:2b:e7:c6:9b:a2: 37:89:e5:b4:2e:3f:52:96:a1:06:ed:e3:68:6e:b4: 93:fe:c6:eb:22:80:08:7f:06:fb:dd:f2:7c:19:61: 03:c4:56:84:0c:9c:fb:6a:6f:91:e9:03:08:bf:20: b8:8b:da:61:45:46:67:d1:ed:93:b6:dc:dd:e0:f7: da:f3:e0:6b:e6:b3:78:43:45:ed:4f:65:ac:ac:a0: 5f:02:8c:a3:29:82:fa:76:a0:d2:bc:43:9f:c7:66: 89:6f:6e:38:24:0f:02:ee:06:49:5c:d6:fb:34:e8: c0:7e:72:2a:aa:32:61:94:4e:8c:a5:11:d1:7f:78: d5:3f:35:c4:f6:96:3e:ed:ab:c0:ec:9c:89:67:af: 16:72:32:2d:e8:4f:fe:09:04:27:99:f5:a3:43:b1: 38:a0:a1:99:8e:f1:3b:a5:d9:3d:27:81:3a:08:41: b5:0e:4a:ec:01:1c:c3:07:21:84:b7:14:10:26:bc: 68:95:1e:29:69:a1:fc:2a:59:9e:ce:75:4f:75:fb: 00:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:41:0F:16:BC:FA:71:21:ED:ED:66:D9:36:AC:17:CC:33:FE:9E:7B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/98bbbcef-0217-4c51-a717-7af30c63be28.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:8800::/40 Signature Algorithm: sha256WithRSAEncryption 3d:83:a9:40:9f:46:b1:17:56:31:dc:41:88:b4:d2:ac:ab:74: 60:5c:f2:8e:91:98:31:72:b4:56:1a:9f:1f:9c:d3:48:41:db: ab:7f:6c:8b:2c:7a:2f:95:7d:c9:c7:ed:f1:36:e9:2d:fd:06: a0:b8:a3:71:e1:61:8f:74:68:6b:8d:83:d1:63:03:56:ce:a0: e4:a9:43:9f:7e:91:23:52:43:ba:39:39:ae:d6:67:02:a5:af: 92:d4:50:93:80:af:f9:d5:65:36:cb:0a:88:03:40:8b:85:bf: 06:7b:aa:b7:4b:d0:81:ad:67:f1:c2:8f:16:6f:b3:25:d3:b5: e5:e2:d3:8a:66:af:8a:25:d7:8c:98:10:ae:76:a3:f4:5c:e3: 76:b8:7f:66:b2:b9:b2:e2:96:a4:11:e0:1f:73:5e:5b:e1:8f: 53:2f:58:1e:0a:f0:25:2f:ef:e3:ca:44:c4:93:2e:ab:c6:b8: 25:b3:ce:14:26:50:d1:ad:54:a2:b9:c1:75:9e:43:c2:50:59: 97:10:e4:d3:50:d1:28:97:e8:00:02:ac:c0:90:2f:51:d9:cc: 6b:3a:bc:a3:d3:fc:73:6e:2e:1d:33:ba:5a:81:f6:bd:ec:68: 8a:00:27:c4:c4:b7:ea:dc:28:45:85:f2:e3:c9:01:c5:88:b0: b9:f9:90:59 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJaZMrwJ44reiHZt290v3dJNflmAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUwNjAwMDAxNVoX DTI1MDYxMDIzNTk1OVowejFJMEcGA1UEBRNAOGJlOTRlYWNiYTM3YTRhY2Q1ZjA2 ZDNkNjBkNGE3MjY0NWZhMThmMjYxMWU3NTE0Y2U0MWI4Y2UxYWZjZjY3YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/1WQKcTdWHY2X89xzoO0XXkUik4 LS5N7V1T6c9h2v5aLtvh8J8eV77ZIlOtBoZzQ8HUy1UZK+fGm6I3ieW0Lj9SlqEG 7eNobrST/sbrIoAIfwb73fJ8GWEDxFaEDJz7am+R6QMIvyC4i9phRUZn0e2Tttzd 4Pfa8+Br5rN4Q0XtT2WsrKBfAoyjKYL6dqDSvEOfx2aJb244JA8C7gZJXNb7NOjA fnIqqjJhlE6MpRHRf3jVPzXE9pY+7avA7JyJZ68WcjIt6E/+CQQnmfWjQ7E4oKGZ jvE7pdk9J4E6CEG1DkrsARzDByGEtxQQJrxolR4paaH8KlmeznVPdfsAoQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCRBDxa8+nEh7e1m2TasF8wz/p57MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk4YmJiY2VmLTAyMTctNGM1MS1hNzE3LTdhZjMwYzYzYmUyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+IgwDQYJKoZIhvcNAQELBQADggEBAD2DqUCfRrEXVjHcQYi0 0qyrdGBc8o6RmDFytFYanx+c00hB26t/bIssei+VfcnH7fE26S39BqC4o3HhYY90 aGuNg9FjA1bOoOSpQ59+kSNSQ7o5Oa7WZwKlr5LUUJOAr/nVZTbLCogDQIuFvwZ7 qrdL0IGtZ/HCjxZvsyXTteXi04pmr4ol14yYEK52o/Rc43a4f2ayubLilqQR4B9z Xlvhj1MvWB4K8CUv7+PKRMSTLqvGuCWzzhQmUNGtVKK5wXWeQ8JQWZcQ5NNQ0SiX 6AACrMCQL1HZzGs6vKPT/HNuLh0zulqB9r3saIoAJ8TEt+rcKEWF8uPJAcWIsLn5 kFk= -----END CERTIFICATE-----Generated at Tue May 6 10:33:47 2025 by rpki-client